The Imposition of Protocols Over Open Distributed Systems
IEEE Transactions on Software Engineering
Law-governed interaction: a coordination and control mechanism for heterogeneous distributed systems
ACM Transactions on Software Engineering and Methodology (TOSEM)
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Attestation-based policy enforcement for remote access
Proceedings of the 11th ACM conference on Computer and communications security
Property-based attestation for computing platforms: caring about properties, not mechanisms
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
WS-Attestation: Efficient and Fine-Grained Remote Attestation on Web Services
ICWS '05 Proceedings of the IEEE International Conference on Web Services
Building a MAC-Based Security Architecture for the Xen Open-Source Hypervisor
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Building an application-aware IPsec policy system
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Semantic remote attestation: a virtual machine directed approach to trusted computing
VM'04 Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium - Volume 3
Trusted virtual domains: toward secure distributed services
HotDep'05 Proceedings of the First conference on Hot topics in system dependability
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Layering negotiations for flexible attestation
Proceedings of the first ACM workshop on Scalable trusted computing
Chinese-wall process confinement for practical distributed coalitions
Proceedings of the 12th ACM symposium on Access control models and technologies
Integrity Management Infrastructure for Trusted Computing
IEICE - Transactions on Information and Systems
Content oriented virtual domains for secure information sharing across organizations
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
Engineering attestable services
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
| Hi-index | 0.00 |
Despite increasing needs for the coalition-based resource sharing, establishing trusted coalition of nodes in an untrusted computing environment is a long-standing yet increasingly important issue to be solved. The Trusted virtual domain (TVD) is a new model for establishing trusted coalitions over heterogeneous and highly decentralized computing environment. The key technology to enable TVD is the integrity assurance mechanism, which allows a remote challenger to verify the configuration and state of a node. A modern computer system consists of a multi-layer stack of software, such as a hypervisor, a virtual machine, an operating system, middleware, etc. The integrity assurance of software components is established by chains of assurance from the trusted computing base (TCB) at the lowest layer, while the communication interface provided by nodes should be properly abstracted at a higher layer to support interoperable communication and the fine-grained handling of expressive messages. To fill the gap between ”secure communication between nodes” and ”secure communication between trusted components”, a notion of ”Secure Message Router (SMR)”, domain-independent, easy to verify, multi-functional communication wrapper for secure communication is introduced in this paper. The SMR provides essential features to establish TVDs : end-to-end secure channel establishment, policy-based message translation and routing, and attestability using fixed clean implementation. A virtual machine-based implementation with a Web service interface is also discussed.